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REMARKS 

This responds to the Office Action mailed on November 17, 2005 . and the references 
cited therewith. 

No claims have been amended. Claims 1-20 are pending in this application. 

^ 102 Rejection of the Claims 

Claims 1-18 were rejected under 35 U.S.C. § 102(b) as being anticipated by Gleichauf et 
al., (U.S. Patent No. 6,301,668 and Gleichauf hereinafter). This rejection is respectfully 
traversed, as Gleichauf et al. does not describe each and every element of the claims. 

The Office Action refers to Column 5, lines 33-67, and Column 7, lines 20-65 as 
disclosing the elements of claims 1 and 13. Applicant has reviewed the referenced language and 
respectfully disagrees. The referenced language describes 

Claim 1 of the present application include elements that are not shown in Gleichauf et al. 
In particular, claim 1 includes both a repository for a configuration of hardware and software, 
and also a security goal database that describes uses that the hardware and software installed on 
the network may support. An example of such "uses", is provided in paragraph 24 of the present 
application, wherein particular hosts may be "intended to provide services to users from outside 
the network. A second category may be defined as DNS (domain naming system) hosts referring 
to hosts that provide DNS services." 

Column 5, lines 33-67 of Gleichauf et al. is cited for disclosing a central repository for a 
configuration of hardware and software installed on the network. The cited language does 
describe storage of network information such as "devices coupled to internal network 10, the 
operating systems running on such devices and the services available on each device." 

Column 7, lines 20-65 is cited for disclosing a security goal database associated with the 
database engine and describing uses that the hardware and software installed on the network may 
support. This assertion is respectfiilly traversed. The language cited describes how "Scan engine 
22 can ping devices, use port scans and other methods, and/or a rules-driven, multi-phase 
network vulnerability assessment process to discover..." the above described network 
information. It can also "make an assessment of potential vulnerabilities 80 associated with each 
device. . ." The langauge does not describe the claimed security goal database that describes uses 
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of the hardware and software. Merely identifying the devices and software, and ways to discover 
them, does not correspond to the claimed central repository and the security goal database that 
includes the uses that such hardware and soflAvare support. Thus, what claim 1 identifies as two 
separate elements, the network information database and the security goal database, is not taught 
by Gleichauf et al. A proper prima facie case of anticipation has not been established, and the 
rejection should be withdrawn. 

The reference to claim 13 in the above rejection appears to have been mistaken. Claim 
1 3 will be addressed below. 

Claims 2-3 depend from claim 1 and distinguish the reference for at least the same 
reasons. 

Claims 4-10 contain elements similar to claim 1, and are believed to distinguish from 
Gleichauf et al, for at least the same reasons as claim 1. Further, claim 4 expressly recites 
elements that deal with configuration of security software packages utilizing both the network 
information database and the security goal database. Note the "security software packages" is 
plural. Gleichauf et al., describes at the referenced lines (Column 6 line 50 to column 7, line 25) 
prioritizing tasks and services performed by network security system 20. It does not describe 
configuring multiple packages as claimed. 

Claims 11-14 refer to configuring a security software package using one or more 
security goals. It also refers to decomposing security policies for a class into one or more 
security goals for an individual network device. The Office Action cites Column 7, line 65 to 
column 9, line 18 as describing these elements. This assertion is respectfully traversed. While 
the cited langauge describes the ability to configure and reconfigure the security system, it does 
so on the basis of defined thresholds, not security goals as described in the claims. As indicated 
in the description provided by the application above, the security goals are not the same as the 
devices and software attached to the network, but are related to the uses that such devices and 
software are to be put. 

With respect to claims 1 1 and 15, the Office Action also references column 5, lines 1-50 
and column 9, lines 4-16. Neither citation refers to the use of security goals in the configuration 
of a security software package as claimed. Column 5, lines 1-50 refer to detecting attacks by a 
security system monitoring traffic on the network and comparing them to attack signatures. 
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Column 9, lines 4-16 describe enabling and disabling security system services based on network 
information, not security goals. Thus, a prima facie case of anticipation has not been established, 
and the rejection should be withdrawn. 

Claim 16 distinguishes from Gleichauf et al. for similar reasons. 

Claim 17 also refers to configuring the security software package as a function of security 
goals, and is believed to distinguish from Gleichauf et al. for similar reasons. 

Claim 18 also refer to configuring the security software package, and is believed to 
distinguish from Gleichauf et al. for similar reasons. It also configures multiple security 
packages as opposed to a single security system. 



Allowable Subject Matter 
Claims 19-20 were objected to as being dependent upon a rejected base claim, but were 
indicated to be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims. 
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CONCLUSION 

Applicant respectfully submits that the claims are in condition for allowance, and 
notification to that effect is earnestly requested. The Examiner is invited to telephone 
AppHcant's attorney at (612) 373-6972 to facilitate prosecution of this application. 

If necessary, please charge any additional fees or credit overpayment to Deposit Account 
No. 19-0743. 

Respectfully submitted, 
ROBERT P. GOLDMAN ET AL. 
By their Representatives, 

SCHWEGMAN, LUNDBERG, WOESSNER & KLUTH, P.A. 
P.O. Box 2938 
Minneapohs, MN 55402 
(612) 373-6972 

Date Z-/7^?^^<^ 

Bradley K. Forrest 
Reg. No. 30,837 
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